![](/img/trans.png)
[英]Can I do Model->where('id', ARRAY) multiple where conditions?
[英]PHP How can I do multiple where conditions?
這是我當前用於登錄用戶的代碼:
<?php
$uName = "";
$uNameMsg = "";
$pWord = "";
$pWordMsg = "";
if(isset($_POST["submit"])){
$uName = $_POST["username"];
if (empty($uName)) {
$uNameMsg = "please enter a username<br/>";
}
$pWord = $_POST["password"];
if (empty($pWord)) {
$pWordMsg = "please enter a password<br/>";
}
}
?>
//form goes here
<?php
require_once("conn.php");
$sql = "SELECT username, password FROM customers
WHERE username = $uName
AND password = $pWord";
$results = mysqli_query($conn, $sql)
or die ('Problem with query' . mysqli_error($conn));
if (mysqli_num_rows($results) < 1) {
echo "invalid username and password";
} else {
echo "query success, redirect header goes here";
}
?>
我收到語法錯誤,說“ AND password =”子句是錯誤的。 然后說錯誤位於第3行(我的標記),而“ AND password =”位於第75行。
這是我從第1行開始的代碼的開始
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Customer Login</title>
<link rel="stylesheet" href="customerlogin.css">
</head>
您可以使用它,這肯定可以工作:
$sql = "SELECT username, password FROM customers
WHERE username = '$uName'
AND password = '$pWord'";
您的變量字符串連接在SQL語句中錯誤,請嘗試以下方法而不是查詢代碼行
$sql = "SELECT username, password FROM customers
WHERE username = '".$uName." '
AND password = '".$pWord."'";
像這樣更改查詢:
$sql = "SELECT username, password FROM customers WHERE username = '$uName ' AND password = '$pWord'";
傳遞字符串值時,應使用引號引起來。
如下更改您在php中的查詢
$sql = "SELECT username, password FROM customers
WHERE username = '{$uName}'
AND password = '{$pWord}'";
我假設用戶名是一個字符串,所以需要使用''
作為字符串傳遞
您未在值周圍加上引號'
。 您只能使用不帶引號的數字,因為應將值字符串加引號。 您的查詢容易受到sql注入的影響,因此請轉義您的字段或使用pdo。 請參見下面的代碼以轉義字段。
$pWord = $conn->real_escape_string($pWord);
$uName = $conn->real_escape_string($uName);
$sql = "SELECT username, password FROM customers
WHERE username = '$uName'
AND password = '$pWord'";
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.